Skip to main content

Cyberattacks on UK councils surge during pandemic

cyber security attacks
(Image credit: Unsplash)

As UK councils sent most of their employees to work from home during the pandemic, the number of cyberattacks against the institutions spiked, a new report has claimed.

Technology solutions provider Insight sent a Freedom of Information (FoI) request to 47 councils in England, Scotland, Wales and Northern Ireland, discovering an average rise in cyberattacks of 213 percent in the period from March 2020 compared to the year before.

To Insight, this isn’t even that surprising, given that on average, councils switched three-quarters (74 percent) of their employees to remote workers. That represents 1.4 million workers and is more than double the UK average, the report added.

The switch itself might not be that problematic, were it not for a total lack of investment and preparation for remote working. Just a fifth (20 percent) of councils made additional investments in security, investing an average of $63,200. Even in these cases, the budget came at the expense of other iT services. All things considered, Insight believes, targeting remote workers is only going to increase.

“The fact that councils could move their employees to remote working without disrupting services needs to be recognized for the major achievement it was,” said Darren Hedley, Managing Director, UK & Ireland at Insight. 

“However, councils now need to build on this success: putting in place and strengthening defenses to protect remote workers and eliminate gaps in security that could allow attackers to threaten essential services. It’s likely that many councils cannot do this alone. They need support and resources from central Government, or else we will see more and more employees and councils falling victim to attackers.”

Looking into the near future, Insight argues that things need to change. Less than half of councils (47 percent) invested more of their security budget in increased security training for remote workers, something it deems “essential” for an expanded remote workforce.

Many councils are enabling remote working “without fully understanding the risks”.